<span class="Comment">#!/bin/ksh</span>

<span class="Comment">#=============================================================================</span>
<span class="Comment">#</span>
<span class="Comment"># s-audit_dns_resolver.sh</span>
<span class="Comment"># -----------------------</span>
<span class="Comment">#</span>
<span class="Comment"># Script to run DNS lookups on all the sites found by s-audit's &quot;hosted</span>
<span class="Comment"># services&quot; audit.  Examines all known sites, does DNS lookups on them using</span>
<span class="Comment"># the DNS server specified in the DNS_SRV variable, and creates a file</span>
<span class="Comment"># pairing URI with IP address. This file is picked up by s-audit's web</span>
<span class="Comment"># interface.</span>
<span class="Comment">#</span>
<span class="Comment"># Requires dig.</span>
<span class="Comment">#</span>
<span class="Comment"># Should be run by cron once the day's audit files are in.</span>
<span class="Comment">#</span>
<span class="Comment"># Part of s-audit. (c) 2011 SearchNet Ltd</span>
<span class="Comment">#   see <a href="http://snltd.co.uk/s-audit">http://snltd.co.uk/s-audit</a> for licensing and documentation</span>
<span class="Comment">#</span>
<span class="Comment">#=============================================================================</span>

<span class="Comment">#-----------------------------------------------------------------------------</span>
<span class="Comment"># VARIABLES</span>

<span class="Identifier">PATH</span>=/usr/bin
    <span class="Comment"># Always set your PATH</span>

<span class="Identifier">BASE_DIR</span>=<span class="Statement">&quot;</span><span class="Constant">/var/snltd/s-audit/default</span><span class="Statement">&quot;</span>
    <span class="Comment"># s-audit's /var directory</span>

<span class="Identifier">GROUP</span>=<span class="Statement">&quot;</span><span class="Constant">default</span><span class="Statement">&quot;</span>
    <span class="Comment"># the default audit group</span>

<span class="Identifier">DNS_SRV</span>=<span class="Statement">&quot;</span><span class="Constant">dns-server</span><span class="Statement">&quot;</span>
    <span class="Comment"># Which DNS server to use for lookups. Override with -s</span>

<span class="Identifier">DIG</span>=<span class="Statement">&quot;</span><span class="Constant">/usr/local/bin/dig</span><span class="Statement">&quot;</span>
    <span class="Comment"># Path to dig executable. Override with -d</span>

<span class="Comment">#-----------------------------------------------------------------------------</span>
<span class="Comment"># FUNCTIONS</span>

<span class="Identifier">die()</span>
<span class="Identifier">{</span>
    <span class="Statement">print</span><span class="shFunctionOne"> </span><span class="Special">-u2</span><span class="shFunctionOne"> </span><span class="Statement">&quot;</span><span class="Constant">ERROR: </span><span class="PreProc">$1</span><span class="Statement">&quot;</span>
    <span class="Statement">exit</span><span class="shFunctionOne"> </span><span class="PreProc">${</span><span class="PreProc">2</span><span class="Statement">:-</span>1<span class="PreProc">}</span>
<span class="Identifier">}</span>

<span class="Identifier">usage()</span>
<span class="Identifier">{</span>
    <span class="Statement">cat</span><span class="Statement">&lt;&lt;-EOUSAGE</span>
<span class="Constant">    usage:</span>
<span class="Constant">      </span><span class="PreProc">${</span><span class="PreProc">0</span><span class="Statement">##</span>*/<span class="PreProc">}</span><span class="Constant"> [-s dns_server] [-d dir] [-D path] [-g group] [-o file]</span>

<span class="Constant">    where:</span>
<span class="Constant">      -g :     audit group</span>
<span class="Constant">                 [Default is '</span><span class="PreProc">${</span><span class="PreProc">DEF_GROUP</span><span class="PreProc">}</span><span class="Constant">'.]</span>
<span class="Constant">      -o :     path to output file.</span>
<span class="Constant">                 [Default is '</span><span class="PreProc">${</span><span class="PreProc">OUTFILE</span><span class="PreProc">}</span><span class="Constant">'.]</span>
<span class="Constant">      -D :     path to dig binary</span>
<span class="Constant">                 [Default is '</span><span class="PreProc">${</span><span class="PreProc">DIG</span><span class="PreProc">}</span><span class="Constant">'.]</span>
<span class="Constant">      -d :     base directory for s-audit data</span>
<span class="Constant">                 [Default is '</span><span class="PreProc">${</span><span class="PreProc">BASE_DIR</span><span class="PreProc">}</span><span class="Constant">'.]</span>
<span class="Constant">      -s :     DNS server on which to do lookups</span>
<span class="Constant">                 [Default is '</span><span class="PreProc">${</span><span class="PreProc">DNS_SRV</span><span class="PreProc">}</span><span class="Constant">'.]</span>

<span class="Statement">    EOUSAGE</span>
<span class="Identifier">}</span>

<span class="Comment">#-----------------------------------------------------------------------------</span>
<span class="Comment"># SCIRPT STARTS HERE</span>

<span class="Statement">while </span><span class="Statement">getopts</span><span class="Statement"> </span><span class="Statement">&quot;</span><span class="Constant">D:g:s:o:</span><span class="Statement">&quot;</span><span class="Statement"> option </span><span class="Constant">2</span><span class="Statement">&gt;</span><span class="Statement">/dev/null</span>
<span class="Statement">do</span>

    <span class="Statement">case</span> <span class="PreProc">$option</span><span class="shCaseEsac"> </span><span class="Statement">in</span>

        <span class="Statement">&quot;</span><span class="Constant">d</span><span class="Statement">&quot;</span><span class="Statement">)</span>  <span class="Identifier">BASE_DIR</span>=<span class="PreProc">$OPTARG</span>
                <span class="Statement">;;</span>

        <span class="Statement">&quot;</span><span class="Constant">D</span><span class="Statement">&quot;</span><span class="Statement">)</span>  <span class="Identifier">DIG</span>=<span class="PreProc">$OPTARG</span>
                <span class="Statement">;;</span>

        <span class="Statement">&quot;</span><span class="Constant">g</span><span class="Statement">&quot;</span><span class="Statement">)</span>  <span class="Identifier">GROUP</span>=<span class="PreProc">$OPTARG</span>
                <span class="Statement">;;</span>

        <span class="Statement">&quot;</span><span class="Constant">o</span><span class="Statement">&quot;</span><span class="Statement">)</span>  <span class="Identifier">OUTFILE</span>=<span class="PreProc">$OPTARG</span>
                <span class="Statement">;;</span>

        <span class="Statement">&quot;</span><span class="Constant">s</span><span class="Statement">&quot;</span><span class="Statement">)</span>  <span class="Identifier">DNS_SRV</span>=<span class="PreProc">$OPTARG</span>
                <span class="Statement">;;</span>

        *<span class="Statement">)</span>        usage
                <span class="Statement">exit</span><span class="shCase"> </span><span class="Constant">2</span>

    <span class="Statement">esac</span>

<span class="Statement">done</span>

<span class="Comment"># Work out some paths and do some checks</span>

<span class="Identifier">SRC_DIR</span>=<span class="Statement">&quot;</span><span class="PreProc">${</span><span class="PreProc">BASE_DIR</span><span class="PreProc">}</span><span class="Constant">/</span><span class="PreProc">${</span><span class="PreProc">GROUP</span><span class="PreProc">}</span><span class="Constant">/hosts</span><span class="Statement">&quot;</span>

<span class="Special">[[</span> <span class="Statement">-z</span><span class="shDblBrace"> </span><span class="PreProc">$OUTFILE</span><span class="shDblBrace"> </span><span class="Special">]]</span> <span class="Statement">\</span>
    &amp;&amp; <span class="Identifier">OUTFILE</span>=<span class="Statement">&quot;</span><span class="PreProc">${</span><span class="PreProc">BASE_DIR</span><span class="PreProc">}</span><span class="Constant">/</span><span class="PreProc">${</span><span class="PreProc">GROUP</span><span class="PreProc">}</span><span class="Constant">/network/uri_list.txt</span><span class="Statement">&quot;</span>

<span class="Special">[[</span> <span class="Statement">-x</span><span class="shDblBrace"> </span><span class="PreProc">$DIG</span><span class="shDblBrace"> </span><span class="Special">]]</span> <span class="Statement">\</span>
    || die <span class="Statement">&quot;</span><span class="Constant">can't run dig [</span><span class="PreProc">${</span><span class="PreProc">DIG</span><span class="PreProc">}</span><span class="Constant">]</span><span class="Statement">&quot;</span><span class=""> </span><span class="Constant">1</span>

<span class="Special">[[</span> <span class="Statement">-w</span><span class="shDblBrace"> </span><span class="PreProc">${</span><span class="PreProc">OUTFILE</span><span class="Statement">%</span>/*<span class="PreProc">}</span><span class="shDblBrace"> </span><span class="Special">]]</span> <span class="Statement">\</span>
    || die <span class="Statement">&quot;</span><span class="Constant">can't write to output directory [</span><span class="PreProc">${</span><span class="PreProc">OUTFILE</span><span class="Statement">%</span>/*<span class="PreProc">}</span><span class="Constant">]</span><span class="Statement">&quot;</span><span class=""> </span><span class="Constant">2</span>

<span class="Special">[[</span> <span class="Statement">-d</span><span class="shDblBrace"> </span><span class="PreProc">$SRC_DIR</span><span class="shDblBrace"> </span><span class="Special">]]</span> <span class="Statement">\</span>
    || die <span class="Statement">&quot;</span><span class="Constant">no audit data at </span><span class="PreProc">${</span><span class="PreProc">SRC_DIR</span><span class="PreProc">}</span><span class="Constant">.</span><span class="Statement">&quot;</span>

<span class="Comment"># Pull URIs out of all the audit files. They're on lines beginning &quot;site=&quot;.</span>
<span class="Comment"># We are only interested in URIs with dots in them - ones without will take</span>
<span class="Comment"># an age to time out. Run the whole lot into a batch lookup job with dig</span>
<span class="Comment"># (only works with 9.4+), and filter the results through sed to produce</span>
<span class="Comment"># lines of the form www.uri.com=1.2.3.4. Some sites just can't be resolved,</span>
<span class="Comment"># and dig drops a line into the output informing you of this. These lines</span>
<span class="Comment"># are prefixed by a semicolon, and we don't want them.  We also don't want</span>
<span class="Comment"># trailing dots on CNAMES. Run everything through uniq to get rid of all the</span>
<span class="Comment"># duplicate references to things which are CNAME aliases.  Why you can't</span>
<span class="Comment"># just stick a -u in with the sort flags is left as an exercise for the</span>
<span class="Comment"># reader</span>

<span class="Statement">find</span> <span class="PreProc">$SRC_DIR</span><span class=""> </span><span class="Special">-name</span><span class=""> \*.saud </span><span class="Constant">2</span><span class="Statement">&gt;</span><span class="">/dev/null </span><span class="Statement">\</span>
    | xargs <span class="Statement">grep</span><span class=""> </span><span class="Statement">&quot;</span><span class="Constant">^website=</span><span class="Statement">&quot;</span><span class=""> | cut </span><span class="Special">-d</span><span class="">\  </span><span class="Special">-f2</span><span class="">  | </span><span class="Statement">grep</span><span class=""> </span><span class="Statement">'</span><span class="Constant">\.</span><span class="Statement">'</span><span class=""> | </span><span class="Statement">sort</span><span class=""> </span><span class="Special">-u</span><span class=""> </span><span class="Statement">\</span>
    | <span class="PreProc">$DIG</span><span class=""> </span><span class="Special">+noall</span><span class=""> </span><span class="Special">+answer</span><span class=""> @</span><span class="PreProc">$DNS_SRV</span><span class=""> </span><span class="Special">-f</span><span class=""> - </span><span class="Statement">\</span>
    | <span class="Statement">sed</span><span class=""> </span><span class="Statement">'</span><span class="Constant">/^;/d;s/\.[     ].*[    ]/=/;s/\.$//</span><span class="Statement">'</span><span class=""> </span><span class="Statement">\</span>
    | <span class="Statement">sort</span><span class=""> </span><span class="Special">-t</span><span class="Statement">=</span><span class=""> -k2 </span><span class="Statement">\</span>
    | uniq <span class="Statement">\</span>
    <span class="Statement">&gt;</span><span class="PreProc">$OUTFILE</span>

</pre>
